URLScans API Documentation

Integrate URLScans's phishing detection and brand protection capabilities into your applications, workflows, and security tools.

Real-time Detection

Get instant phishing detection results with sub-second response times. Perfect for real-time security checks.

Enterprise Grade

Built for scale with rate limiting, authentication, and comprehensive error handling. Production-ready infrastructure.

RESTful API

Simple, intuitive REST API with JSON responses. Easy integration with any programming language or framework.

Comprehensive Docs

Detailed documentation with code examples, authentication guides, and best practices for integration.

API Endpoints

GET/api/scan?identifier=example.com

Scan a URL, domain, or IP address for phishing threats

GET/api/db/lookups?identifier=example.com

Retrieve scan history and lookup results

POST/api/categoriesJSON body with url field

Get website categories using QuickCat API integration

GET/api/whois?domain=example.com

Get WHOIS/RDAP data for a domain

Quick Start Example

// Scan a URL for phishing threats
const response = await fetch(
  'https://urlscans.com/api/scan?identifier=example.com'
);
const result = await response.json();

console.log(result.verdict.verdict); // 'safe' | 'suspicious' | 'malicious'
console.log(result.verdict.score); // 0-100 risk score
console.log(result.verdict.categories); // Threat categories

Authentication

Currently, URLScans API is available without authentication for public endpoints. For enterprise API access with higher rate limits and advanced features, please contact us.

Request API Access

Ready to Integrate?

Start using URLScans API today or contact us for enterprise integration support.

Contact API Team Schedule Integration Demo